74 IT Security Consultant jobs in South Africa

About Us

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town—we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you.

Job role

As a Cloud Security Consultant, you'll play a key role in delivering cloud-native security consulting, onboarding threat detection platforms and translating complex security insights into actionable reports, enabling clients to understand risk, prioritise remediation, and strengthen their overall cloud security posture.

You'll work with a variety of leading cloud security platforms including Orca Security, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Purview and the broader Microsoft 365 security suite. In this role, you will support the design and implementation of cloud-native security solutions, perform in-depth security assessments across cloud workloads, and contribute to the continuous enhancement of detection and response strategies.

This is a dynamic, customer-facing role within a fast-paced and rapidly evolving security practice. It is ideally suited for a seasoned Cloud Security professional with proven experience in delivering cloud security solutions across complex, enterprise-scale environments. You will be expected to lead engagements, contribute to the design and implementation of cloud-native security architectures, and advise clients with confidence across a broad range of threat detection and security posture initiatives. As the practice continues to grow, you'll play a key role in shaping service offerings, driving delivery excellence, and adapting to the evolving needs of our clients and the business.

Reporting into the Senior Microsoft & Cloud Security Architect, you will be part of a supportive and experienced team within Professional Services that values growth and continuous learning. You'll have access to ongoing training, certification support, and hands-on exposure to cutting-edge cloud security technologies, empowering you to deepen your expertise and advance your career within a high-performing security practice.

Key Responsibilities

• Lead technical delivery and onboarding of Cloud Native Security Solutions such as CSPM/CNAPP/XDR/SOAR /SIEM platforms.
• Perform cloud security assessments (e.g., posture review, CSPM, identity risk, threat exposure)
• Deliver customer workshops, high- and low-level designs, and technical documentation.
• Contribute to the development of internal methodologies for cloud threat detection and managed services.
• Perform on site or remote assessments, consultancy and HLD and LLD design services featuring the M365 security stack and other cloud security technology.
• Stay current with emerging threats, tools, and technologies to ensure the delivery of up-to-date security advice and service offerings.
• Contribute to internal procedures, and documentation to support the maturity and scalability of the practice.
• Collaborate with cross-functional teams (Sales, SOC, Architecture, Engineering) to align technical solutions with client business needs.
• Provide strategic guidance to clients, helping them prioritise security improvements based on risk, business impact, and cloud-native best practices.
• Develop and deliver tailored security roadmaps, aligning with regulatory, compliance, or cloud governance frameworks (e.g. NIST, ISO, CIS).
• Conduct gap analysis and risk assessments aligned to cloud security frameworks (e.g., CIS Benchmarks, Azure Well-Architected Framework).
• Support pre-sales efforts, including solution scoping, client demos, and bid/tender responses where required.
  While this is a hybrid role, there may be local or global travel requirements from time to time, dependent on customer needs.

Requirements

• Strong experience with the Microsoft 365 Security Stack, including Defender for Endpoint, Defender for Identity, Defender for Office 365, Microsoft Defender for Cloud Apps, and Microsoft Defender for Cloud.
• Hands-on experience with Microsoft Azure security controls and services; equivalent exposure to GCP or AWS is also acceptable.
• Proficiency with CSPM, CNAPP, or vulnerability management platforms.
• Sound understanding of cloud security design principles, including identity, access, data protection, threat detection, and monitoring.
• Ability to translate technical risk into business context and communicate effectively with both technical and non-technical audiences.
• Excellent written and verbal communication skills, including documentation, reporting, and presentation.
• Client-facing experience, with a track record of contributing to successful project delivery
• Ability to work independently in a fast-paced environment, while also collaborating effectively with wider teams.
• Strong analytical mindset, self-motivated learner, and passionate about cloud security trends and technologies.
  Good understanding of security frameworks and methodologies such as MITRE ATT&CK, NIST, ISO/IEC 27001, CIS Benchmarks.

Desired

• 5+ years of experience in a similar role such as Cloud Security Consultant, Cloud Security Engineer, or Cloud Security Architect.
• Minimum of 3 years' experience in Professional Services. managed security services, preferably in a next generation SOC environment or in an MSSP or MDR provider
• Experience with SIEM and SOAR platforms, particularly Microsoft Sentinel or Google Chronicle, including rule tuning, KQL, and automation.
• Knowledge of infrastructure-as-code and security automation (e.g., Bicep, Terraform, Logic Apps, PowerShell).
  Exposure to compliance-driven environments (e.g. ISO 27001, PCI-DSS, GDPR).

Desired Qualifications

• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• Microsoft Certified: Security Operations Analyst (SC-200)
• Identity & Access Administrator (SC-300)
• Cybersecurity Architect Expert (SC-100)
• ISC² Certified Cloud Security Professional (CCSP)
• CISSP
• CompTIA N+
  CompTIA Security+

What we will provide for you:

• Opportunity to enhance your skills, knowledge and gain experience in key leading technology and security services.
• An opportunity to attend conferences held by leading Security Vendors / Organisations.
• Opportunities to expand your experience by learning new products with further opportunity to influence product/service strategy for the group.
• A leadership team who has a worthwhile mission and who excel at that mission.
• A chance to work with one of the market leaders in Information Security (Winner of Managed Security Service Provider 2017, Winner of Best Place to work in IT 2016, Nominated for EY, EOY 2015, Winner of the AIB Enterprise of the Year Award 2013).
• Join a Company that has been awarded the Elite Award for Growth Strategy of the Year, Ireland 2018.
• Opportunity to gain experience and knowledge in a key field of expertise.
• Exposure to many different verticals in Ireland and the UK – Govt, Financial, Pharma and SMEs.
  A team of highly experienced technology and security professionals to work with, learn and receive support from.

About Us
Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town—we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you.

Job Role

The Senior QSA Consultant Will Lead Security Consultancy Engagements And Pre-sales Processes With Clients Within Financial Services And Payment Card Industries. Focusing On Delivery Of Payment Compliance Services, Which Include But Are Not Limited To

• PCI specialized assessment (PIN, P2PE, SSF, 3DS, etc.)
• PCI DSS, Swift, PSD2 assessments
• GAP Analysis
• Policy and Procedure review

Primary Duties/Responsibilities Include
Pre-Sales

• Starting from the information received from the sales team, independently carry out the estimate of the effort required to deliver a security services, reporting the result to the regional lead for approval.
• Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries. Provide detailed analytical reporting, internal reporting metrics and program management. Provide leadership and mentorship to Junior consultants.

Delivery

• Prepares, organizes and supports delivery by team members of engagements offsite or at customer premises including but not limited to gap analysis, security assessment, risk and/or compliance assessment using one or more industry or regulatory standard or framework.

Processes and Documentation

• Assesses compliance related documentation including policies, procedures, standards and legislative directives.
• Provides remediation support and guidance on the security aspects of the administration and maintenance of processes & documentation, infrastructure components, applications, services and security systems.
• Delivers detailed reports following Integrity360's reporting best practice and templates.
• Ensure QA process for Payments Compliance standards is initiated and applied for relevant projects, in cooperation with QA and Backoffice team.
• Establishes new standards and reviews existing documentation to ensure the correct application of the processes.
• In cooperation with Practice Lead(s), estimating, planning & monitoring team budget.
• Provide regular status update to internal stakeholders (Practice Lead(s), PMO).
• Participate in continuous improvement of internal processes (reporting tools, assessment automation etc.)

Communication

• Participates to external conferences and promotes Integrity360 by identifying important Industry events.
• Support marketing activities related to existing Professional Service portfolio and customer acquisition working in collaboration with marketing team.
• Act as a communication point between regional team, other professional services teams, Customer Success and other departments.
• Supports sales team in development and effort estimations for new opportunities (e.g. new and evolving industry standards).
• Stay up-to-date on developments in the Payments Compliance realm, understanding new standards and regulations and their impact on Integrity360.

Required Skills

• Relevant Experience in Fintech industry and security standards & directives consultancy services (PCI DSS, PSD2, ISO 27001, SWIFT, etc.)
• Cryptography techniques including algorithms, key management, and key lifecycle.
• Public key infrastructure (PKI) and the role and operations of a Certification Authority (CA) and Registration Authority (RA).
• Hardware security modules (HSMs) operations, policies, and procedures.
• POI key-injection systems and techniques including key-loading devices (KLDs) and key management methods, such as Master/Session or DUKPT.
• Physical security techniques for high-security areas.
• Authentication methods and techniques.
• Security Integrity controls.
• Computer Networking (routing, switching, firewall network filtering).
• Operating Systems hardening and administration (Linux/Unix, Windows).

Core Competencies

• Problem Solving (analysis, helicopter view, problem setting, decision making).
• Planning and Organization (time management, scheduling and control).
• Communication (clearness, listening, persuasion, negotiation, public speaking).
• Networking (reinforce relationships, use emotional intelligence and personal proximity).
• Results Orientation (delivering solutions, work under pressures).
• Leading and Empowering People (self-confidence, establishing focus, providing motivational support and feedback, fostering teamwork and integration).
• Economic Sensitivity (Economic variables evaluation, Profit & Loss dynamics).

Certifications/Qualifications

• Qualified Security Assessor (QSA) is a must.

About the Role

We are seeking a highly experienced
Senior Vulnerability Management Specialist
 to lead patching activities across a large-scale enterprise environment. The role requires deep technical expertise, leadership capability, and the ability to work under pressure in a complex IT landscape.

You will play a critical role in ensuring that our client's IT infrastructure remains secure, compliant, and resilient. The environment is Windows-based with over multiple servers, and you will coordinate regular patching cycles, vulnerability management, and compliance reporting in line with both internal and external requirements.

Key Responsibilities

• Lead and coordinate regular patching cycles across endpoints, servers, and network devices.
• Ensure compliance with internal security policies and external regulatory requirements.
• Manage patching and remediation in line with the client's
  patching cycles and vulnerability reports.
• Assist internal IT teams with server hardening and patch deployment.
• Coordinate with third-party application vendors where patching and vulnerability management requires vendor input.

Requirements

• 8+ years' experience in IT security with a strong focus on vulnerability and patch management.
• Proven expertise in Windows server environments.
• Strong knowledge of security standards, frameworks, and regulatory compliance.
• Experience with enterprise patch management tools and processes.
• Ability to lead patching projects in large, complex organisations.
• Strong communication and stakeholder engagement skills.
• Certifications in Windows security

• Assist in review of gap analysis against ISO/IEC 27001:2022 requirements.
• Review existing policies, procedures, and controls.
• Identify non-conformities and areas for improvement.
• Map current controls to Annex A controls (aligned with ISO/IEC 27002:2022).

• Develop a remediation roadmap with prioritized actions.
• Assist in updating or drafting required documentation (e.g., ISMS policy, risk treatment plan).
• Support stakeholder engagement and awareness sessions.
• Coordinate with internal teams to ensure alignment with audit requirements.

• Conduct mock audits or readiness assessments.
• Provide guidance on evidence collection and audit preparation.
• Support internal audit or pre-certification activities.

• Gap Analysis Report and Reviews
• Remediation Roadmap
• Updated ISMS Documentation
• Audit Readiness Checklist
• Weekly Progress Reports

• Proven experience with ISO/IEC 27001 implementation and audits.
• Familiarity with ISO/IEC 27002:2022 control framework.
• Strong documentation and stakeholder engagement skills.
• Preferably certified (e.g., ISO 27001 Lead Implementer or Auditor).

Our client in the telecommunications sector is looking for a ISO Cyber Security Consultant on a contract duration of 6 months.

Assessment Phase

Assist in review of gap analysis against ISO/IEC 27001:2022 requirements.

Review existing policies, procedures, and controls.

Identify non-conformities and areas for improvement.

Map current controls to Annex A controls (aligned with ISO/IEC 27002:2022).

Planning & Preparation

Develop a remediation roadmap with prioritized actions.

Assist in updating or drafting required documentation (e.g., ISMS policy, risk treatment plan).

Support stakeholder engagement and awareness sessions.

Coordinate with internal teams to ensure alignment with audit requirements.

Readiness Support

Conduct mock audits or readiness assessments.

Provide guidance on evidence collection and audit preparation.

Support internal audit or pre-certification activities.

Deliverables

Gap Analysis Report and Reviews

Remediation Roadmap

Updated ISMS Documentation

Audit Readiness Checklist

Weekly Progress Reports

Requirements

Proven experience with ISO/IEC 27001 implementation and audits.

Familiarity with ISO/IEC 27002:2022 control framework.

Strong documentation and stakeholder engagement skills.

Preferably certified (e.g., ISO 27001 Lead Implementer or Auditor).

Published : 06/09/2022

Location : South Africa

Career Level : Experienced

Entity : DQS South Africa

Type of employment : Associate

Reference number : ISMS0023

For almost four decades, the DQS group has been known internationally for the highest quality and reliability in the certification of processes or management systems. Above all, our success is based on a high level of customer and service orientation that goes far beyond verifying checklists, and of course, on our employees who give their best every day.

DQS is currently looking for qualified Information Security, Cyber Security and Risk Management specialists interested in pursuing a career in auditing.

Your primary role would be to carry out assessments of our customer's management systems to ensure they meet the requirements of International Standards such as

ISO 22301

,

ISO 27001

,

TISAX

and other related standards.

To apply you'll need at least:

• Professional education (academic or technical): Completed higher education with a university or trade school degree, master craftsman's diploma or equivalent.
• Professional experience: At least five years of professional experience, including management, personnel, or project responsibility, two of them relating to the respective management system (

ISO 27001

,

ISO 22301

,

TISAX

).
- Experience with information and cyber security technologies.
- It is important for us to assign experts and managers with practical experience in auditing.

Our success is based on our highly qualified and experienced auditors. They have completed professional training and/or a degree, have extensive experience with management techniques and management systems, and have proven practical experience in the various industries they audit.

Training and development will be provided to ensure your success as an auditor

Various trainings will be provided on an ongoing basis.

International working environment

Weiterbildungsmöglichkeiten

Exciting Projects

Open-minded team

DQS: Simply leveraging Quality.

Our success is based on our highly qualified and experienced auditors. They have completed professional training and/or a degree, have extensive experience with management techniques and management systems, and have proven practical experience in the various industries they audit.

Would you like to join a dynamic team of auditors and further expand the success of DQS? If you meet the above requirements and are interested in becoming a certified auditor with DQS, please send us your CV to

Apply Now

Job ads

Haven't found the right one for you yet? Feel free to take another look at our overview.

Back to the overview

Role Summary:

To provide superior risk management services within the Service Delivery Centre (SDC) Africa team.

This role is based in Bloemfontein

Qualifications / Certifications required:

• A completed tertiary qualification in administration
• Please note that this is not a finance role but rather an entry level position in our risk management team

Experience required
:

• Minimum of two years working experience would be advantageous

Responsibilities of role:

Perform risk management testing against a predertimed risk criteria

General administration;

Invite and provide evidence-based feedback in a timely and constructive manner;

Share and collaborate effectively with others;

Work with existing processes/systems whilst making constructive suggestions for improvements;

Validate data and analysis for accuracy and relevance;

Follow risk management and compliance procedures;

Keep up-to-date with technical developments for business area;

Communicate confidently in a clear, concise and articulate manner - verbally and in written form;

Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms;

Uphold the firm's code of ethics and business conduct.

Skill sets required:

Strong planning, time management and organisation skills

Work effectively under pressure and handle confidential matters with tact and professionalism

Pragmatic problem-solving approach

Good communication skills, verbal and written

Detail orientated and deadline driven

Punctual, flexible and responsive

Good interpersonal and client liaison skills

Able to work independently and in a team

Strong work ethic

Meticulous.

Enthusiasm and passion to deliver exceptional client service

Highly proficient in Microsoft office suite (Excel, Word and PowerPoint) and the Google suite

Role related attributes:

We're very proud of our unique culture and expect our people to demonstrate skills

and behaviours that will support us in implementing our business strategy. This is

important to the work we do, both for our business and our clients. These skills and

behaviours are a strong component of our global leadership framework: The PwC

Professional.

Independence requirements to be taken into consideration:

SDC operates on the Fully Restricted Model, therefore complete independence from PwC clients is required.

Kick-start your career in the online gaming world and experience the very latest in technology and innovation.

Job title:
Risk Management Analyst

Department:
Enterprise Risk Management

Reporting to:
Head of Internal Controls and Risk Management

Who We Are
We're part of Super Group, the NYSE-listed digital gaming company behind some of the world's leading Sports and iGaming brands.

Our journey at Osiris Trading started in 1999 with a handful of brilliant individuals and some very big picture thinking. Now, we are an ever-growing community of 300+ talented and exceptional people at the forefront of the vast and competitive world. Our expertise lies in marketing, customer service and technology.

Who We're Looking For
We're on a thrilling journey of growth and innovation, and we need passionate, driven individuals to join us. At Osiris, every day is action-packed, and we expect you to bring your A-game. In return, you'll find a supportive environment where your skills can flourish and your career can soar.

Ready to become a game-changer? Supercharge your career with us and be part of something extraordinary.

Why we need you
We're on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision.

Reporting to the Head of Internal Control and Risk Management, an exciting opportunity is available for a self-motivated individual looking to join our Enterprise Risk Management Team. Based in Johannesburg, the individual will be responsible for assisting with the administration of the enterprise risk management system and associated responsibilities relating to the duties below

What You'll Be Doing
As part of your role, your responsibilities will include:

• Maintenance and administration of the enterprise risk management system (ERMS), including data entry where required, including tracking and updating of risk registers to ensure the quality of information on the risk management system
• Coordinating and scheduling meetings, administration and supporting the Enterprise Risk Management Team with the development of training materials to promote risk awareness
• Supporting the Enterprise Risk Management Team in the development and maintenance of risk management documentation, policies and procedures
• Maintain and organize electronic and physical files related to enterprise risk management activities, ensuring confidentiality and accessibility of information.
• Supporting various risk owners and risk champions in identifying, analyzing risk and control information and to ensure risks are appropriately managed
• Support risk and control owners in accurately documenting the control environment for accurate risk assessments
• Assisting the Risk Management Specialist with ensuring that risk management processes are appropriately enforced in line with policies and procedures and preparing the supporting files for risk committees
• Regularly review the information held on the risk management system to identify issues with quality of the information – working with the business to improve quality,maintain accuracy and completing the overdue risk assessments
• Collaborate with internal stakeholders to gather and compile risk-related information and reports and assist in the dissemination of information as required.
• Engage with the Risk Management System support for effective ERM tool operation and resolution of related requests or issues.
• Assist the team to identify future enhancements and assist in enhancing the use of enterprise risk management system including preparing risk dashboards
• Provide general administrative support to the Risk Management Specialist and larger Enterprise Risk Management Team, where required
• Support risk owners in identifying and monitoring the key risk indicators (KRIs)
• Stay up to date with risk management frameworks and recent trends, regulatory updates and industry best practices.
• Perform other duties as reasonably required to support the effective management of enterprise risks and contribute to the overall success and maturity of the risk management function

This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives.

Essential Skills You'll Bring To The Table
The necessary skills that we require for this role include:

• BCom in Internal/ External Audit (preferred), Law or related fields or Certifications in Risk Management
• 2 + years proven experience in a risk management or audit environment.
• Knowledge of enterprise risk management principles and practices.
• Proficiency in using Microsoft Office and other relevant software applications for data entry, document management, and report generation.
• Strong organizational and time management skills, with the ability to prioritize tasks and manage multiple responsibilities effectively.
• Excellent communication and interpersonal skills, with the ability to work collaboratively with diverse teams and stakeholders.
• Attention to detail and accuracy in data entry and documentation, with a commitment to maintaining confidentiality and integrity of information.
• Desirable would be experience in using ERM software
• Post Graduate certification or Diploma in Risk Management
• ISO 31000 Certification

Desirable Skills You've Got Up Your Sleeve
It would be great if you also have some of the following skills:

• In-depth knowledge of sports betting markets, including odds calculation, betting types and market trends
• Previous experience in the online gaming or casino industry, with a strong understanding of player behaviour and industry regulations
• Familiarity with gambling regulations and compliance requirements in various jurisdictions, ensuring adherence to legal standards
• Experience in developing and executing customer retention strategies
• Computer literacy and proficiency in Microsoft Office Suite (Word, Excel, Project, PowerPoint)
• Ability to use pivot tables and work with an advanced statistical database and statistical methods and functions

Our values are non-negotiables
Our culture is underpinned by core values that are linked to key behavioural competencies. Along with the below behavioural competencies, these are essential for all employees in order for you to embed in and drive our culture forward.

These competencies are:

• Adaptability
• Ownership and accountability
• Initiating action
• Resilience
• Team orientation
• Integrity
• Innovation

What You'll Get Back
We offer a great variety of personal and professional benefits to help you thrive at Osiris and Super Group. This includes:

• We're dedicated to your supergrowth. Our comprehensive learning and development programmes give you a range of resources and opportunities to expand your skills and advance your career.
• Your hard work and achievements won't go unnoticed. Our innovative Performance Tool ensures you receive regular, constructive feedback, helping you to continuously improve and reach your full potential.
• Our Employee Assistance programme offers a variety of benefits which you and your family can benefit from.

Be part of that Superclass feeling
At Super Group, diversity is part of our DNA. With teams across 16 countries, 85 nationalities, and 27 languages, we take equal opportunities seriously, championing a supportive, inclusive and empowering environment wherever you are in the Group.

It's all about putting your experience first and ensuring honesty and fairness in all we do. Here, your growth is supported and your contributions valued.

Game on

• Please note we will apply relevance to our Talent Management and Talent Development Programme as part of our recruitment process.
• Shortlisted candidates may need to complete an assessment.

This position requires trust and honesty it has access to customers financial details - therefore a credit and criminal record check will be conducted. The qualifications identified herein are an inherent job requirement; therefore, a qualification verification check will be done. By applying for this role, and supplying the necessary details, you hereby grant us permission to apply for these checks. This will be done in a confidential manner, and solely for the purposes of verification.

Should you not hear from us within 2 weeks, please deem your application as unsuccessful.

The perfect place to work, play and grow

Division: Governance

Reference No: 5916

Location:

Centurion, Gauteng, ZA

Employment Type: Permanent

Disability (EE targeted role): No

T.A.S.K Grade: 15

Job Posting Salary: R891,176.00

Job Posting End Date: 21 Oct 2025

The Road Accident Fund's mission is to provide appropriate cover to all road users within the borders of South Africa; to rehabilitate and compensate persons injured as a result of motor vehicle accidents in a timely and caring manner; and to actively promote safe use of our roads.
Purpose of the Job:
Reporting to the Senior Manager: Risk Advisory and Business Continuity, the successful incumbent is responsible to plan, design, implement, monitor and communicate risk management processes and programmes within the RAF.

Key Performance Areas
Policy Review and Implementation

• Contribute to the development and implementation of departmental policy, procedures and processes.
• Keep up to date with effective policy and practice execution strategies.
• Provide inputs into policies and regulations.

Enterprise risk management

• Research and keep up-to-date with corporate governance best practices and policies to implement within the RAF's risk management environment.
• Gathers and compiles data related to risk from internal and external resources.
• Identifies risks by analysing data, observing processes and talking to people.
• Drafts and delivers reports outlining findings, identifying and explaining potential risks and recommending solutions.
• Select, develop and implement appropriate risk assessment models or methodologies.
• Participate in the development, , implementation and maintainance of risk management processes and strategies.
• Participate in the development of risk mitigation strategies that are appropriate, implementable and that associated targets are achievable for business units.
• Promote effective enterprise risk culture across RAF including development of newsletters, creating awareness and faciliting appropriate training.
• Make use of business intelligence tools to conduct various types of risk assessments, scenario analysis, risk modelling and reviews at all levels of the organisation.
• Facilitate the identification of risks, essessment, evaluation, communication, monitoring and reporting on risks.
• Ensure that risk registers and Control / Control /Action Plans (Task) registers are kept up to date.
• Review the adequacy and effectiveness of controls including validation of progress as reported by management.
• Facilitate identification and monitoring of key risk indicators and risk tolerance levels.
• Collaborate with other assurance providers to ensure identification and reporting of risks and assessment of the adequacy and effectiveness of management internal controls.
• Coordinate monthly engagements with the business on risk registers, incident reporting and monitoring of key risk indicators.
• Coordinate Risk Champion meetings in the relevant processing centre.
• Maintain input and data quality of the Risk Management System / tool.
• Provide advice to management on emerging risks and mitigation options and on the adequacy and effectiveness of existing and future controls.
• Represent Risk Management in management committee meetings, SCM and other assurance provider's forums.
• Perform annual process self assessment to improve the risk maturity for the relevant processing centre.

Reporting

• Develop functional reporting systems, for management, projects or performance reporting.
• Prepare proposals, briefings, presentations, reports, and other documentation and provide management information both verbally and in report format.
• Report on emerging and materialised risks leading to the review of risk registers to identify control gaps.
• Preparation of monthly, quarterly, annual and ad-hoc reports.
• Ensure proper management and maintainance of official records.

Stakeholder Management

• Facilitate and manage communication with relevant internal and external and progressively manage the relationships.
• Manage relationships with vendors, service providers or procurement teams and ensure that all relevant procured items are invoiced and paid on time.
• Facilitate adequate communition concerning key risks.
• Communicate with all levels of stakeholder contact.
• Represent the Fund in relevant internal and external activities and events.

Qualifications And Experience

• Bachelor's Degree/ Advanced Diploma in Economics / Risk Management related qualification.
• Relevant 5-7 years' experience in an Enterprise Risk Management environment.

Technical And Behavioral Competencies Required

• Resilience.
• Communication
• Working with People
• Network and Alliances
• Planning, Organising and Coordinating
• Employee Engagement
• Personal Mastery
• Judgement and Decision Making
• Client Service Orientation
• Understanding of corporate governance standards and practice.
• Understanding of risk management frameworks and applicable laws.
• Strong stakeholder relations management.
• Understanding of King IV report.
• Knowledge of ISO 31000.
• Ability to quantify risks.
• Ability to make use of data analytics tools and risk modelling techniques.
• Ability to analyse complex data and information.
• Excellent communication.

NB: "RAF offers Total Employment Cost packages with no additional contributions from the Employer, successful candidates are required to structure their packages in a manner that will suit their needs".
The Road Accident Fund subscribes to the principles of employment equity and preference will be given to People with Disabilities.
Applicants who have not received any correspondence from us within six weeks from the closing date can consider themselves unsuccessful
Security Vetting shall be conducted on all prospective employees
It is the applicants' responsibility to have foreign qualification evaluated by the South African Qualification Authority (SAQA) and to provide proof of such evaluation.